NIST 800-50: Security Awareness and Training Program
This NIST publication provides detailed guidance on designing, developing, implementing, and maintaining an awareness and training program within an agency's IT security program.

ENISA: A Users’ Guide: How to Raise Information Security Awareness
This document illustrates the main processes necessary to plan, organise and run information security awareness raising initiatives: plan & assess, execute & manage, evaluate & adjust. Each process is analysed and time-related actions and dependencies are identified. The process modelling presented provides a basis for "kick-starting" the scoping and planning activities as well as the execution and assessment of any programme. The Guide aims to deliver a consistent and robust understanding of major processes and activities amoung users.

NIST 800-16: Information Technology Security Training Requirements (188 pages)
The overall goal for use of this document is to facilitate the development or strengthening of a comprehensive, measurable, cost-effective IT security program which supports the missions of the organization and is administered as an integral element of sound IT management and planning. Protecting the value of an organization’s information assets demands no less. This approach allows senior officials to understand where, in what way, and to what extent IT-related job responsibilities include IT security responsibilities, permitting the most cost-effective allocation of limited IT security training resources.
Appendix A-D      Appendix E

Building a Security Awareness Program - CyberGuard
Hackers, worms and viruses grab the headlines, but the real threat often comes not from outside the organization but within. Social engineering and unhappy employees pose very real risks to network security. How do you address the problem? This article offers a practical approach to setting up an effective security awareness program that gets everyone in the organization on board.

Awareness Tips for All Personnel - Gideon T. Rasmussen
Security tips are a key component to any awareness program. They should advise of best practices and reinforce policy.These tips are written with the average person as the intended audience. The site randomly displays information security tips. Companies can use it internally to educate their user community. The site and script are free to download.

Security Awareness Tips by Role - IT Governance Institute
ITGI offers a security baseline for enterprises and security survival kits for a variety of computer users.

· Professional Users
· Managers
· Executives
· Senior Executives
· Boards of Directors/Trustees
· Home Users

Security Awareness Toolbox - The Information Warfare Site
The Security Awareness Toolbox contains many useful documents and links. The Main Documents section was contributed by Melissa Guenther. The Toolbox is a rich source of awareness material.

SANS Reading Room - Security Awareness Section
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large.

University of Arizona Security Awareness Page
The UA security awareness site contains awareness presentations, videos and posters. It's a good site to explore.

NoticeBoard Newsletter
NoticeBored offers a free awareness newsletter covering a different information security topic each month. The newsletter provides an introduction to the monthly topic, describes the information security risks and outlines the remaining security awareness materials delivered to NoticeBored customers.

IIA Tone at the Top Awareness Newsletter
Mission: To provide executive management, boards of directors, and audit committees with concise, leading-edge information on such issues as risk, internal control, governance, ethics, and the changing role of internal auditing; and guidance relative to their roles in, and responsibilities for the internal audit process.

Security Awareness Group - Yahoo Groups
The security awareness group provides a forum to discuss awareness program methodologies and share security awareness tips. Those interested in learning more about information security will benefit from the exchange of tips and the opportunity to ask questions.


Security Awareness Posters

Attentus Healthcare Company in cooperation with DasSign has provided security awareness posters in the interest of public education. These posters can be used and distributed freely without obligation.

Be Alert	Small Image (172 KB)	Large Poster (10.3 MB)
Don't Disclose	Small Image (116 KB)	Large Poster (11.1 MB)
E-mail Attachments	Small Image (124 KB)	Large Poster (8.69 MB)
End of Day	Small Image (180 KB)	Large Poster (18.1 MB)
Ensure Backup	Small Image (176 KB)	Large Poster (13.7 MB)
Guard Passwords	Small Image (120 KB)	Large Poster (11.9 MB)
Illegal Software	Small Image (180 KB)	Large Poster (12.3 MB)
Log Off	Small Image (148 KB)	Large Poster (12.2 MB)
Password Protection	Small Image (120 KB)	Large Poster (9.74 MB)
Personally Owned	Small Image (152 KB)	Large Poster (5.48 MB)
Strong Passwords	Small Image (144 KB)	Large Poster (9.00 MB)
Unauthorized Software	Small Image (148 KB)	Large Poster (16.0 MB)

Security Awareness Posters - California Central Coast SATE
The CA Central Coast SATE site is dedicated to providing education on a wide variety of security education topics to the general community.

Information Assurance Awareness Posters - Information Warfare Site
These awareness posters were provided as a courtesy by Keesler Air Force Base. You may download the posters and submit to your graphics department to tailor to your organizations specifications. This page includes links to posters on other sites as well.